Patrick Marchand
896b8bd7e4
Merge branch 'evobackup-client' into unstable
...
Import evobackup client code into mainline.
2020-02-06 16:29:02 -05:00
Jérémy Lecour
72f5dc70f8
apt: hold packages only if package is installed
2020-02-04 18:14:57 +01:00
Jérémy Lecour
dc7358bc4c
nagios-nrpe: change default haproxy socket path
2020-01-23 15:04:25 +01:00
Jérémy Lecour
02858692bb
evomaintenance: don't configure firewall for database if not necessary
2020-01-23 14:34:03 +01:00
Jérémy Lecour
71a2a19847
apache: the default VHost doesn't redirect to https for ".well-known" paths
2020-01-23 14:34:03 +01:00
Ludovic Poujol
31df2d2fbc
php: Add a task to remove Debian's default FPM pool file (off by default)
...
Can be triggered by switching php_fpm_remove_default_pool to True.
2020-01-16 15:55:35 +01:00
Ludovic Poujol
ef5ed6911e
php: Change the default pool names to something more explicit (and same for the variables names)
...
Because it's more than just pure configuration, but a fpm pool
definition, I've changed the following variables in Ansible :
- php_fpm_defaults_conf_file to replaced by php_fpm_default_pool_file
- php_fpm_custom_conf_file to php_fpm_default_pool_custom_file.
On the FPM side, I've also changed the files names of the pool to make
them more explicit. No more z and zzz. It's the www pool, so let's put
www in the file name for coherence :
- z-evolinux-defaults.conf changes to www-evolinux-defaults.conf
- zzz-evolinux-custom.conf changes to www-evolinux-zcustom.conf
2020-01-16 15:55:25 +01:00
Ludovic Poujol
c9d3635cf8
php: Make sure the default pool we define can be fully functionnal witout debian's default pool file
2020-01-16 15:55:17 +01:00
Jérémy Lecour
80081aa26e
evolinux-base: remove the chrony package
2020-01-16 10:57:47 +01:00
Jérémy Lecour
e7952dc3c8
etc-git: fix warnings ansible-lint
2020-01-08 17:19:36 +01:00
Jérémy Lecour
bf7de332ea
minifirewall: fix warnings ansible-lint
2020-01-08 17:19:13 +01:00
Jérémy Lecour
f79b30eeb4
update changelog
2020-01-03 16:40:53 +01:00
Jérémy Lecour
3b258cc43e
tomcat: package version derived from Debian version if missing
2019-12-31 16:43:51 +01:00
Patrick Marchand
20191c8873
Fixed regression introduced by commit 276177900b
...
The default behavior for ansible template is to overwrite the
targeted file. Since we dont always want to overwrite a file when
we play this role, we set `force` to `False` by default. This means
that if the `dest` already exists, ansible will not overwrite it
with it's given template.
This is fine for most of the tasks in this role, but in the case
of `{{ evoadmin_scripts_dir }}/web-mail.tpl`,the file is created
by a task that runs prior to the template task, so setting it to
`False` by default means it never gets updated and clients dont get
notified when they create new websites.
2019-12-24 14:10:24 -05:00
Victor LABORIE
2a1e0b7ef6
evolinux-base: install ssacli for HP Smart Array
2019-12-13 11:00:20 +01:00
Jérémy Lecour
e557a3eaae
apache: improve permissions in save_apache_status script
2019-12-13 10:44:44 +01:00
Ludovic Poujol
6e918d166e
evolinux-base: Don't make alert5.service executable
...
Every 3 mins, systemd complain that the service file is marked as
executable, and asks the executable bit to be remove.
Nov 27 01:35:11 foo systemd[1]: Configuration file /etc/systemd/system/alert5.service is marked executable. Please remove executable permission bits. Proceeding anyway.
2019-11-28 10:59:29 +01:00
Ludovic Poujol
0e58f34e18
certbot: Properly evaluate when apache is installed
...
Checking the existence of /etc/apache2 is not enough as a condition to
validate the presence of apache.
Indeed, some packages (including certbot!!!), put some files in
/etc/apache2/conf-available even if apache isn't installed.
In those cases, the check is not correct, and we'll enter in the apache
block, and fail when we try to enable the configuration.
With this commit, we now validate the presence apache with the presence
of /usr/sbin/apachectl
2019-11-26 11:58:52 +01:00
Ludovic Poujol
dc1c78e08a
evolinux-base: Fix our zsyslog rotate config that doesn't work on Debian 10
...
I've noticed that some log files, especially /var/log/syslog were empty.
After investigating, I've realized that it was happening after a log
rotation by logrotate.
The old mechanism, `invoke-rc.d rsyslog rotate` isn't working anymore on
Debian 10. It will fail with a not so explicit message :
[FAIL] Closing open files: rsyslogd failed!
Long story short, it seems that the pid file (`/run/rsyslogd.pid`) isn't
created any more, so start-stop-daemon as used by /etc/init.d/rsyslog
will fail. Explaining the error message.
Debian 10 rsyslog now brings `/usr/lib/rsyslog/rsyslog-rotate` that is
used by logrotate. It will send the signal HUP the 'right' way, so
rsyslog will be aware of the log rotation.
Sadly, this script isn't present in Debian 9 nor 8, so the logrotate
configuration for rsyslog is now a template, using the right command for
the right version.
2019-11-22 16:48:19 +01:00
Jérémy Lecour
473bcb4cd6
apt: verify that /etc/evolinux is present
2019-11-20 11:34:47 +01:00
Jérémy Lecour
26dd244ae0
nagios-nrpe: update check_redis_instances
2019-11-13 09:47:23 +01:00
Jérémy Lecour
7f6ad406a5
evocheck: upstream version 19.11.2
2019-11-07 10:38:32 +01:00
Jérémy Lecour
767760cbe0
evocheck: upstream version 19.11.1
2019-11-06 07:50:45 +01:00
Jérémy Lecour
049d36ab8f
etc-git: add versioning for /usr/share/scripts on Debian 10+
...
The repository.yml task file is generic and can be called for vrious
repositories.
On Debian 10, /usr/share/scripts is versioned
2019-11-05 17:00:22 +01:00
Jérémy Lecour
6b77372f24
evocheck: upstream version 19.11
2019-11-05 16:20:07 +01:00
Jérémy Lecour
a55e29186f
evomaintenance: upstream version 0.6.0
2019-11-05 14:52:59 +01:00
Jérémy Lecour
ab8c6b13b8
evoacme: upstream version 19.11
2019-11-05 14:08:02 +01:00
Jérémy Lecour
7e50a460a8
minifirewall: add a variable to force the check scripts update
2019-11-05 10:52:14 +01:00
Jérémy Lecour
5476538eb1
minifirewall: no http filtering by default
2019-10-30 14:37:22 +01:00
Jérémy Lecour
f2dacac139
evolinux-base: add /usr/share/scripts in root's PATH (Debian 10+)
2019-10-30 14:32:32 +01:00
Jérémy Lecour
8679da4cb6
evolinux-base: install /sbin/deny
2019-10-30 14:32:32 +01:00
Jérémy Lecour
772c333623
apt: remove jessie/buster sources from Gandi servers
2019-10-30 14:32:32 +01:00
Jérémy Lecour
e80e4197c2
evocheck: upstream version 19.10
2019-10-25 13:17:16 +02:00
Jérémy Lecour
d5a6487315
Merge branch 'mongodb-buster' into unstable
2019-10-24 17:23:53 +02:00
Jérémy Lecour
27adad616f
squid: compatibility wit Debian 10
2019-10-24 16:23:48 +02:00
Jérémy Lecour
85b0e36f33
CHANGELOG: sort alphabetically
2019-10-24 15:37:58 +02:00
Jérémy Lecour
76864f226e
WIP mongodb: compatibility with Debian 10
2019-10-24 15:36:51 +02:00
Jérémy Lecour
ee72dd07ff
rbenv: install Ruby 2.6.5 by default
2019-10-22 15:03:45 +02:00
Jérémy Lecour
2ea88dc385
mysql-oracle: backport tasks from mysql role
2019-10-21 16:32:59 +02:00
Jérémy Lecour
12cebfa71c
lxc-php: refactor tasks for better maintainability
2019-10-21 15:26:03 +02:00
Ludovic Poujol
2d2889ac16
php: Don't set a chroot for the default fpm pool
2019-10-16 15:59:33 +02:00
Ludovic Poujol
0a7262081a
php: add missing handler for php7.3-fpm
2019-10-16 15:17:35 +02:00
Jérémy Lecour
edb5ace762
haproxy: add a variable to keep the existing configuration
2019-10-10 11:27:39 +02:00
Patrick Marchand
c6804e73e7
Adapted the bind role to respect the evocheck warnings
...
The required munin plugins and the logging necessary for them to work is
now activated depending on the type of resolver and the logrotate file is
changed from bind to bind9.
2019-10-09 11:54:30 -04:00
Ludovic Poujol
4aaeb4590b
lxc: rely on lxc_container module instead of command module
2019-10-02 16:32:20 +02:00
Ludovic Poujol
e985f5778c
evoadmin-web: Put the php config at the right place for Buster
2019-10-02 15:48:03 +02:00
Ludovic Poujol
a5378c783e
lxc: update our default template to be compatible with Debian 10
2019-10-01 17:54:13 +02:00
Ludovic Poujol
ae97276e13
lxc: remove useless loop in apt execution
2019-10-01 17:54:13 +02:00
Jérémy Lecour
a478c773eb
apt: check if cron is installed before adding a cron job
2019-09-30 14:12:38 +02:00
Jérémy Lecour
394e28b815
WIP: new certbot role
2019-09-27 00:21:29 +02:00
Jérémy Lecour
e3e908dd4c
Merge branch 'redis-instances' into unstable
2019-09-25 22:25:42 +02:00
Gregory Colpart
6fe86a76c5
remove reload-vcl.sh (Custom Varnish ExecReload script) when Debian >= 10
2019-09-24 14:00:22 +02:00
Jérémy Lecour
f09a405d84
mongodb: still incompatible with Debian 10
2019-09-23 22:18:52 +02:00
Jérémy Lecour
bea11352be
Merge branch 'buster' into unstable
2019-09-23 18:34:35 +02:00
Jérémy Lecour
45d48eedb0
changelog cleanup
2019-09-23 13:47:19 +02:00
Jérémy Lecour
3999e7d4f8
listupgrade: install old-kernel-autoremoval script
2019-09-23 13:46:29 +02:00
Jérémy Lecour
0829efc8a6
evocheck: upstream version 19.09
2019-09-23 09:22:58 +02:00
Jérémy Lecour
9f619adf68
evocheck: cron jobs execute in verbose
2019-09-23 09:22:40 +02:00
Jérémy Lecour
1a647d0546
evocheck : update (version 19.09) from upstream
2019-09-22 22:41:03 +02:00
Jérémy Lecour
b31159c9d2
evolinux-base: use "evolinux_internal_group" for SSH authentication
2019-09-22 22:26:21 +02:00
Jérémy Lecour
8f868b8612
evolinux-base: default value for "evolinux_ssh_group"
2019-09-22 22:25:30 +02:00
Jérémy Lecour
2d249f1815
squid: split systemd tasks into own file
2019-09-22 22:18:09 +02:00
Patrick Marchand
a358db065b
Merge branch 'htpasswd_evoadmin' into unstable
2019-09-20 10:06:20 -04:00
Patrick Marchand
0009272462
Allow setting a custom mysql server_id
2019-09-12 11:46:12 -04:00
Patrick Marchand
109191ccd8
Added mysql_log_bin variable to enable binary logs
2019-09-12 08:54:18 -04:00
Jérémy Lecour
442353ce73
Update changelog
2019-09-06 16:04:47 +02:00
Jérémy Lecour
4acd61a072
generate-ldif: support MariaDB 10.3
2019-09-02 10:39:49 +02:00
Patrick Marchand
1c12827c9c
Added evobackup-client role
2019-08-30 14:43:52 -04:00
Patrick Marchand
d75846ed28
Make it possible to add an htpasswd file to evoadmin
2019-08-30 10:32:44 -04:00
Jérémy Lecour
5925a12b3d
evocheck: upstream version 19.08
2019-08-30 14:23:35 +02:00
Jérémy Lecour
6db519c2b0
redis: max clients is configurable
2019-08-30 08:53:12 +02:00
Jérémy Lecour
2c2f13e17f
update CHANGELOG
2019-08-30 08:52:08 +02:00
Patrick Marchand
276177900b
Merge branch 'evoadmin-web-template-override' into unstable
...
I had to apply some of the yamllint fixes to the new multi-php tasks
as well. Notably it removes the need to explicitely check for the
truthy "True"
2019-08-27 10:23:04 -04:00
Ludovic Poujol
8d71965ec9
nginx: fix munin fcgi not working (missing chmod 660 on logs)
2019-08-22 14:47:32 +02:00
Ludovic Poujol
e2fd56bdcd
php: By default, allow 128M for OpCache (instead of 64M)
2019-08-21 15:56:35 +02:00
Jérémy Lecour
f5f4a82114
evomaintenance: upstream version 0.5.1
2019-08-21 15:40:15 +02:00
Ludovic Poujol
b116c47b58
packweb-apache: Deploy opcache.php to give some insights on PHP's opcache status
2019-08-21 15:24:58 +02:00
Jérémy Lecour
c0ed2fa620
php: variable to install the mysqlnd module instead of the default mysql module
2019-08-16 10:11:23 +02:00
Ludovic Poujol
6d2db1341f
evomaintenance: Turn on API by default (instead of DB)
2019-08-07 15:42:23 +02:00
Ludovic Poujol
b7844dd804
squid: Remove wait time when we turn off squid
2019-08-06 10:26:47 +02:00
Ludovic Poujol
f630d93587
evolinux-base: On debian 10 and later, add noexec on /dev/shm
2019-07-23 18:18:29 +02:00
Victor LABORIE
cb8116fff0
tomcat: fix typo for default tomcat_version
2019-07-12 15:29:05 +02:00
Victor LABORIE
031c4c29b9
roundcube: fix typo for roundcube vhost
2019-07-08 15:35:05 +02:00
Jérémy Lecour
11a039bfac
elasticsearch: listen on local interface only by default
2019-07-01 17:17:32 +02:00
Ludovic Poujol
e13543bf07
lxc-php: Don't remove the default pool - That's making PHP-FPM sad :(
2019-06-26 11:10:23 +02:00
Jérémy Lecour
16bdd6893d
Release 9.10.1
2019-06-21 14:36:20 +02:00
Jérémy Lecour
a5ee2771ca
evocheck : update (version 19.06) from upstream
2019-06-21 14:35:59 +02:00
Jérémy Lecour
39d0167408
Release 9.10.0
2019-06-21 10:46:08 +02:00
Jérémy Lecour
bb0189e5a4
rbenv: install Ruby 2.6.3 by default
2019-06-21 10:43:20 +02:00
Jérémy Lecour
8420791224
fluentd: store gpg key locally
2019-06-21 10:29:18 +02:00
Jérémy Lecour
ce12e32375
evocheck : update from upstream
2019-06-21 09:42:02 +02:00
Jérémy Lecour
49d90fff09
apache: add a variable to customize the server-status host
2019-06-20 17:29:48 +02:00
Jérémy Lecour
a8ef97fcde
Revert "evolinux-base: install "spectre-meltdown-checker" (Debian 9 and later)"
...
This reverts commit 65414d8ae7
.
2019-06-20 17:29:48 +02:00
Jérémy Lecour
8cb604aa93
etc-git: gitignore /etc/letsencrypt/.certbot.lock
2019-06-17 15:02:17 +02:00
Ludovic Poujol
7b9cc7c2b1
apt: Add Debian Buster repositories
2019-06-17 14:24:09 +02:00
Jérémy Lecour
65414d8ae7
evolinux-base: install "spectre-meltdown-checker" (Debian 9 and later)
2019-06-17 14:22:00 +02:00
Jérémy Lecour
a643c96cca
evomaintenance: make hooks configurable
2019-06-17 14:17:30 +02:00
Ludovic Poujol
8413fa137c
nagios-nrpe: Replace the dummy packages nagios-plugins-* with monitoring-plugins-*
2019-06-17 10:25:46 +02:00
Ludovic Poujol
890055753e
evolinux-users: Validate sshd config with "-t" instead of "-T"
...
See #52
2019-06-17 10:23:56 +02:00
Ludovic Poujol
75a8c90258
evolinux-base: Ensure rename is present
2019-06-17 09:58:10 +02:00